VDB

GCVE-110-NCSC-2024-474

GCVE-110-NCSC-2024-474
Advisory Published
Vulnetix · Advisory published December 10, 2024
Drupal heeft kwetsbaarheden verholpen in Drupal Core (Specifiek voor versies 7.0 tot 7.102, 8.0.0 tot voor 10.2.11, 10.3.0 tot voor 10.3.9, en 11.0.0 tot voor 11.0.8).

Weaknesses (CWE)

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-289Authentication Bypass by Alternate NameCWE-915Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected Products

VendorProductVersionsPlatforms
open_sourcedrupal

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›